New US bill aims to curb NSA collection of phone and other records

A bipartisan group of four U.S. lawmakers has introduced legislation that will prohibit bulk collection of phone records of Americans.

Called the Intelligence Oversight and Surveillance Reform Act, the bill introduced by Democratic Senators Ron Wyden, Mark Udall and Richard Blumenthal, and Republican Senator Rand Paul will also provide for the creation of a "constitutional advocate" to argue against the government in significant cases before the secret Foreign Intelligence Surveillance Court. It will also set up a process for making significant FISC decisions public.

Former National Security Agency contractor, Edward Snowden, disclosed through newspaper reports in June that the NSA was collecting phone metadata from Verizon customers in the U.S. as part of its surveillance, which was said to also include collection of data from Internet companies. The Internet companies denied reports that the NSA had real-time access to content on their servers for its surveillance.

Under the proposed amendments in the new bill to the Foreign Intelligence Surveillance Act, the government would still be able to obtain records of anyone suspected of terrorism or espionage, or anyone in contact with a suspected terrorist or spy. But the bulk collection of "records of law-abiding Americans with no connection to terrorism or espionage will no longer be legal," according to an explanatory brief of the proposed legislation.

An amendment to section 702 of FISA also aims to close a "back-door searches" loophole by prohibiting the government from searching through communications collected under the section to deliberately conduct warrantless searches for the emails and other communications of specific Americans. Section 702 of FISA is designed "to facilitate the acquisition of foreign intelligence information concerning non-U.S. persons located outside the United States," according to the government.

The bill also aims to strengthen a prohibition against "reverse targeting," the alleged ruse employed by surveillance agencies of targeting a foreigner in order to acquire without warrant the communications of an American who is known to be communicating with the foreigner.

The bill is just one of a number that aim to curb NSA's powers in the wake of Snowden's revelations. The U.S. House of Representatives narrowly defeated in July an amendment to a defense spending bill that would limit spending on mass surveillance by the NSA.

The amendment, proposed by Rep. Justin Amash, a Republican from Michigan, would limit spending only to orders by the FISC that collect phone and other data only of a person who is the subject of an investigation. The administration of President Barack Obama had earlier said that it opposed the "effort in the House to hastily dismantle one of our Intelligence Community's counterterrorism tools." Obama has appointed a panel of experts to review NSA surveillance.

John Ribeiro covers outsourcing and general technology breaking news from India for The IDG News Service. Follow John on Twitter at @Johnribeiro. John's e-mail address is john_ribeiro@idg.com

Latest Videos

​Email fraud is nothing new, but online criminals have become ever more-effective at spoofing their identities to trick employees into sending them money. The Australian Centre for Cyber Security (ACSC) recorded losses of over $20M to business email compromise (BEC) attacks last year alone, up 230 percent over the previous year – and the full amount is certain to be much larger.​

No matter how robust your security, or how diligent your employees, network credentials are a free pass for cybercriminals. This is mostly because employees are relied upon for their own password management. And with more than 4.8 billion sets of stolen credentials said to be available online, odds are that at least a few of your employees’ user IDs and passwords are just waiting to be used by unscrupulous outsiders. Are you ready to stop them?

Cyber resilience will be particularly important as Australian organisations face increased pressure to quickly detect, respond to, and manage the repercussions of breaches in the wake of 2018’s Notifiable Data Breaches (NDB) scheme.

Copyright 2018 IDG Communications. ABN 14 001 592 650. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of IDG Communications is prohibited.